Skip to main content

Notebook CVE-2018-19351

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2018-11-18 cve@mitre.org
6.1
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Nov 18, 2018 - 17:29 nvd
MEDIUM 6.1

DescriptionNVD

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py, NbconvertFileHandler and NbconvertPostHandler do not set a Content Security Policy to prevent this.

AnalysisAI

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py, NbconvertFileHandler and NbconvertPostHandler do not set a Content Security Policy to prevent this. Affected products include: Jupyter Notebook. Version information: before 5.7.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

CVE-2021-32798 CRITICAL POC
9.6 Aug 09

The Jupyter notebook is a web-based notebook environment for interactive computing. Rated critical severity (CVSS 9.6),

CVE-2019-10856 MEDIUM POC
6.1 Apr 04

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. Rated medium severity (CVSS 6.1), this

CVE-2015-6938 MEDIUM POC
4.3 Sep 21

Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2

CVE-2018-8768 HIGH
7.8 Mar 18

In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in th

CVE-2022-24758 HIGH
7.5 Mar 31

The Jupyter notebook is a web-based notebook environment for interactive computing. Rated high severity (CVSS 7.5), this

CVE-2015-7337 MEDIUM
6.8 Sep 29

The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute a

CVE-2024-22421 MEDIUM
6.5 Jan 19

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Ar

CVE-2024-43805 MEDIUM
6.1 Aug 28

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Archit

CVE-2024-22420 MEDIUM
6.1 Jan 19

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Ar

CVE-2020-26215 MEDIUM
6.1 Nov 18

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnera

CVE-2019-10255 MEDIUM
6.1 Mar 28

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in

CVE-2018-19352 MEDIUM
6.1 Nov 18

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js ha

Share

CVE-2018-19351 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy